On Monday 07 February 2011 10:39:21 am robert wrote: > My group has a requirement to validate published WSDLs for compliance > against the WS-I Basic Security Profile. > > Perhaps I have misunderstood the requirement, in relationship to the > 'published' sense? Or perhaps, the requirement could be refined > further.
Honestly, I have no idea what the "requirement" would be. The only place WSDL is mentioned in the WSI-SP is in section 5.4. All the checks in there are just pointers to the BP 1.0 and 1.1 specifications. Thus, it's really just checking the BP. Dan > On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <dk...@apache.org> > > wrote: > > On Monday 07 February 2011 9:55:42 am robert wrote: > >> Consider the online help for the WSDL validator tool: > >> http://cxf.apache.org/docs/wsdlvalidator.html. > >> > >> The text states that the following check is performed: "Validate the > >> WSDL document against custom validation rules, such as those defined by > >> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic > >> Profile rules)." > >> > >> I have two questions in this regards, > >> > >> (1) The checks target what version of WS-I Basic Profile? If it's > >> not Web Services Interoperability Organization’s Basic Profile, Version > >> 1.2, could checks be added for this latest version? > > > > It's WS-I Basic Profile.. It's not all the rules though. I think > > WSI-BP defines hundreds, if not thousands, of checks. We're pretty > > much checking for the common issues. If someone wants to go through > > the BP spec and write > > additional checks, that would be great. It's not a priority for > > *ME* as the > > existing checks have been fairly adequate. > > > >> (2) Are there any checks performed in relationship to "Web Services > >> Interoperability Organization’s Basic Security Profile, Version 1.1"... > >> if not, could there be? > > > > Well, the WSI-security profile defines on-the-wire rules and such. > > It really > > doesn't define any rules for anything in the WSDL. What would a *WSDL* > > validator validate with this? -- Daniel Kulp dk...@apache.org http://dankulp.com/blog
